Passively analyzes network traffic to provide continuous visibility into managed and unmanaged assets on your networks
From IT to OT, Nessus® Network Monitor (formerly Passive Vulnerability Scanner® or PVS™) illuminates blind spots so you can see and protect your entire environment. The product provides a safe and non-intrusive way to discover and monitor even the most sensitive systems.
Nessus Network Monitor (NNM) is included as a sensor with Tenable.io® VM, Industrial Security, and SecurityCenter Continuous View®. Not all NNM capabilities are available with all product configurations.
Eliminates Critical Blind Spots
Provides deep packet inspection to continuously discover and track users, applications, cloud infrastructure, trust relationships and vulnerabilities.
Automatically discovers infrastructure and vulnerabilities across more technologies than any other vendor, including operational technology devices, operating systems, network devices, hypervisors, databases, tablets, phones, web servers, and cloud applications.
Real-Time Network Monitoring
- Delivers continuous monitoring and assessment of an organization’s network in a non-intrusive manner
- Monitors network traffic at the packet level to provide visibility into both server and client-side vulnerabilities
- Scales to meet future asset discovery and vulnerability monitoring demands of proliferation of devices, including virtual systems and cloud services
Immediate Vulnerability Detection:
- Automatic infrastructure and vulnerability assessment Identifies server- and client-side vulnerabilities in new and transient assets
- Detects vulnerabilities on communicating systems and the protocols and applications used
- Identifies when an application is compromised or subverted
Suspicious Traffic Identification:
- Identifies unencrypted PII and other sensitive information in motion
- Discovers when internal systems begin port scan of other systems
- Highlights all interactive and encrypted network sessions
- Spots which ports served and browsed for each individual system
- Operational Technology devices and applications
- Web applications
- Network devices
- Virtual- and cloud-based devices
- BYOD/mobile devices
- Jailbroken iOS devices
Compliance and Deployment
PCI DSS Compliance
The PCI DSS requires accurate and comprehensive identification of all systems involved in the transmission, processing or storage of credit card data. These systems collectively comprise the "cardholder data environment" (CDE) where PCI DSS controls must be consistently applied and validated on an annual basis. Organizations also must provide evidence of procedures to maintain the integrity of the CDE. Nessus Network Monitor not only monitors known data flows in/out of the CDE but also identifies undocumented data flows, particularly of unencrypted payment card information.
Nessus Network Monitor is included as a sensor with Tenable.io® VM, Industrial Security, and SecurityCenter Continuous View®. It is offered at two performance levels: 1 Gbps for monitoring small networks and network segments; and 10 Gbps, which extends Nessus Network Monitor to high-performance datacenters and internet ingress/egress points.